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AMENDMENTS TO THE SPECIFICATION: 

Please amend the caption on page 4, line 22, as follows: 

BRIEF SUMMARY OF ffiE -INV-ENTIQN 

Please amend the paragraph beginning on page 4, line 23, and continuing to page 
6, line 8, as follows: 

The- An object of the present =n- ,■: ■■■■■ : -:-:h)>oh^y is to reduce or eliminate the 
problems outlined above. This object and others are obtained by providing a method and 
apparatus for exchanging user-specific data from a mobile network to a service 
application of an external service provider, wherein certain user data is needed by the 
application for providing a requested service to a mobile user. A unique Application User 
Identification (AUID) code is generated and assigned to a combination of the mobile user 
and the application. The assigned AUID code is then sent to the application. A request for 
the needed user data is received from the application together with an AUID code. It is 
then determined whether the application is allowed to retrieve the requested user data. If 
so, the requested user data is retrieved based on the received AUID code, and is sent to 
the application. On the other hand, an error message may be sent if it is determined that 
the application is not allowed to retrieve the requested user data. 

Please amend the paragraph beginning on page 6, line 12, and continuing to page 
6, line 15, as follows: 

Fig. 5 is a flow chart illustrating fee-steps example acts executed in a method for 
exchanging user data according to one ev i ^ H tk \ - v m< x. 



-2- 



1147502 



HALLENSLEBEN, S. 
Serial No. 10/508,991 



AttyDkt: 2466-130 
Art Unit: 2617 



Please amend the paragraph beginning on page 6, line 1 7, and continuing to page 
6, line 27, as follows: 

A simplified communication scenario is illustrated in Fig. 1, where user data can 
be exchanged a€^M - mg -- t - e -- the -- preseB - t - 4Hven ti 0ft -to a service application of an external 
provider. A mobile terminal 100 operated by a mobile user is connected to a base station 
102 of a mobile network 104 by means of a radio air interface. The mobile network 104 
uses standardised communication protocols, such as any of those defined for GSM, 
TDMA, GPRS, UMTS, etc, for transmission of speech and data over the air interface as 
well as within the network. TCP/IP is also commonly used within mobile networks. 

Please amend the paragraph beginning on page 8, line 27, and continuing to page 
9, line 3, as follows: 

The data control server 1 14 then generates a unique Application User 
Identification (AUID) code representing the combination of a specific user and a specific 
service application corresponding to the requested service. The AUID code is stored 
together with a mobile user identity such as aft-aMSISDN (Mobile Subscriber ISDN 
number) used in GSM networks, and an application identity such as a name. In practice, 
an identity code of either a user subscription or a physical terminal may be used as the 
mobile user identity. 

Please amend the paragraph beginning on page 12, line 19, and continuing to 
page 13, line 3, as follows: 

F - i - g"S -- 3 -- a - Hd -- 4 1 :r ig. 3 and Fig. 4 illustrate signalling diagrams for exemplary 
communication procedures using the present i-Hv^v-;k^iechnoji);.tv. These will now be 
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described with further reference to Fig. 2. It should be noted that some or all messages to 
and from the data control server 1 14 may in practice be transmitted over a service portal 
or the like of the mobile network 104, such as the gateway 106 in Fig. 1. 

Please amend the paragraph beginning on page 13, line 4, and continuing to page 
13, line 16, as follows: 

In Fig. 3, a mobile terminal 100 accesses a service application 108A1 for the first 
time. In a first step-act 300, the terminal 100 sends a service request SR to the mobile 
network which is forwarded to the data control server 1 14 and received in the mobile 
network interface 200 residing therein. The logic unit 204 identifies the mobile user and 
the application 108A1 corresponding to the received service request. It is then recognised 
by the translator 208 that no AUID exists for this particular user/application combination, 
by checking the translation table 212. The AUID code generator 206 is then ordered to 
generate a new AUID code, which is assigned to this user/application combination and 
stored in the translation table 212. 

Please amend the paragraph beginning on page 13, line 17, and continuing to 
page 14, line 3, as follows: 

Next in a~-Tte^ac| 302, the service request is sent with the AUID code to the 
application 108A1. The application 108A1 then determines in this case that specific user 
data is needed to provide the requested service, and therefore sends a user data request 
UDR and the AUID code to the data control server 1 14 in ■a-stepaci 304, which are 
received in the external provider interface 202 of the server 1 14. It is then checked in the 
permission table 210 whether the application 108A1 is allowed to receive the requested 
user data. If so, the requested user data is retrieved from the user database 1 12 and the 
user data UD is sent to the application 108A1 in a step 306. If the application 108A1 is 
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not allowed to receive the requested user data, or if the application 108A1 is not 
registered at all, an appropriate error message E may be sent in an alternative step-act 
308, or no response is sent at all. Finally, if the application 108A1 has received the user 
data, it can execute the requested service as indicated in a stepaci 310, e.g. by sending 
payload data to the mobile terminal 100. 

Please amend the paragraph beginning on page 14, line 4, and continuing to page 
14, line 19, as follows: 

In Fig. 4, a mobile terminal 100 accesses the service application 108A1 again at a 
later occasion by sending a new service request SR in a first step- act 400, which is 
received in the data control server 114. The logic unit 204 then identifies the mobile user 
and the application 108A1 as in the example above, and the previously assigned AUID 
code is retrieved from the translation table 212 by the translator 208. In a next step-act 
402, the service request SR and the AUID code are sent to the application 108A1. It is 
then possible for the application 108A1 to attribute the previously received user data to 
the service, if it has been locally stored. If no further user data is needed, the application 
108A1 can execute the requested service as indicated in a stepact 404. If more data is 
needed, such as a current location or a prepaid account status, the step^acts304-310 in 
Fig. 3 may be executed again, as described above. 

Please amend the paragraph beginning on page 14, line 24, and continuing to 
page 15, line 6, as follows: 

Fig. 5 is a flow chart illustrating the procedure executed in the data control server 
1 14 when a user data request is received from a service application of an external 
provider. The user data request is received together with an AUID code in a first step-act 
500, corresponding to step»acL304 in Fig. 3. An authentication routine may optionally be 
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performed in connection with step-act 500. Next in a stepact 502, it is determined 
whether the application is allowed to retrieve the requested user data, by checking the 
permission table 210. If not, an error message is sent to the application m -- a - s ? ep asj|ct 
504, or alternatively, no response is given at all. If the request is granted, the received 
AUID code is translated into a mobile user identity ift - a -- &t e p bvact 506, by checking the 
translation table 212. 

Please amend the paragraph beginning on page 15, line 7, and continuing to page 
15, line 14, as follows: 

Next, it is determined m --a --s-tep by. act 508 whether a valid mobile user identity was 
found in step-act 506 in order to check if the application is authorised. This check 
provides additional security since only an authorised application can know a valid AUID 
code. If not found, an error message is sent to the application in a-s^act 510. Otherwise, 
the requested user data is retrieved from the user database 1 12 and is sent to the 
application in a final step-act 512. 

Please amend the paragraph beginning on page 15, line 15, and continuing to 
page 15, line 22, as follows: 

By using the described ■mvefbtk>Htechnology, a simple and reliable procedure is 
obtained for exchanging user data to service applications of external providers, enabling 
efficient control and communication between a mobile network and the applications. 
Access to user data is controlled by a single component, the data control server 1 14, 
which thus may act as a firewall. Hence, sensitive user information can be protected from 
unauthorised access. 
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Please amend the paragraph beginning on page 15, line 23, and continuing to 
page 15, line 31, as follows: 

By using the unique AUID codes in service requests according to the present 
■m-ven-He-H technology, an unauthorised application cannot impersonate an authorised 
application to fraudulently obtain user data. Also, users are automatically authenticated 
towards the applications by the AUID codes and no exchange of usernames and 
passwords is necessary between users and applications. Therefore, applications designed 
to be accessed over the Internet can easily be adapted for access via a data control server 
1 14 as described above. 

Please amend the paragraph beginning on page 16, line 7, and continuing to page 
16, line 21, as follows: 

In practice, the invention technology is preferably implemented as software code 
means in a computer program product adapted to cause a data control server 1 1 4 to 
perform the inventive method, such as the above-described processes. It should be noted 
that the functional units 200-212 in Fig. 2 are merely logically represented and may be 
implemented as software in one or more processors or the like anywhere in the server 
1 14. In an alternative embodiment, the logic unit 204 may for example be integrated with 
the interfaces 200, 202. In another embodiment, the logic unit 204, the AUID code 
generator 206 and the translator 208 may be integrated into a single functional unit. 
Furthermore, the permission table 210 and the translation table 212 may be stored in a 
memory within or outside the data control server 1 14.. 
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